-
Notifications
You must be signed in to change notification settings - Fork 68
/
configuration.diff
160 lines (106 loc) · 5.74 KB
/
configuration.diff
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
From 23baf327e249e2577e7e2f8c25b36fc579caa8c9 Mon Sep 17 00:00:00 2001
From: David Runge <dave@sleepmap.de>
Date: Thu, 11 Jun 2020 11:45:32 +0200
Subject: [PATCH] Making configuration FHS compliant
dnscrypt-proxy/example-dnscrypt-proxy.toml:
Patching the example configuration to be File Hierarchy System (FHS)
compliant.
---
dnscrypt-proxy/example-dnscrypt-proxy.toml | 36 +++++++++++-----------
1 file changed, 18 insertions(+), 18 deletions(-)
diff --git a/dnscrypt-proxy/example-dnscrypt-proxy.toml b/dnscrypt-proxy/example-dnscrypt-proxy.toml
index ec40441c..1b84412f 100644
--- a/dnscrypt-proxy/example-dnscrypt-proxy.toml
+++ b/dnscrypt-proxy/example-dnscrypt-proxy.toml
@@ -146,7 +146,7 @@ keepalive = 30
## This file is different from other log files, and will not be
## automatically rotated by the application.
-# log_file = 'dnscrypt-proxy.log'
+log_file = '/var/log/dnscrypt-proxy/dnscrypt-proxy.log'
## When using a log file, only keep logs from the most recent launch.
@@ -156,7 +156,7 @@ keepalive = 30
## Use the system logger (syslog on Unix, Event Log on Windows)
-# use_syslog = true
+use_syslog = true
## Delay, in minutes, after which certificates are reloaded
@@ -310,7 +310,7 @@ reject_ttl = 600
## See the `example-forwarding-rules.txt` file for an example
-# forwarding_rules = 'forwarding-rules.txt'
+# forwarding_rules = '/etc/dnscrypt-proxy/forwarding-rules.txt'
@@ -324,7 +324,7 @@ reject_ttl = 600
##
## See the `example-cloaking-rules.txt` file for an example
-# cloaking_rules = 'cloaking-rules.txt'
+# cloaking_rules = '/etc/dnscrypt-proxy/cloaking-rules.txt'
## TTL used when serving entries in cloaking-rules.txt
@@ -392,8 +392,8 @@ cache_neg_max_ttl = 600
## Certificate file and key - Note that the certificate has to be trusted.
## See the documentation (wiki) for more information.
-# cert_file = "localhost.pem"
-# cert_key_file = "localhost.pem"
+# cert_file = "/var/lib/dnscrypt-proxy/localhost.pem"
+# cert_key_file = "/var/lib/dnscrypt-proxy/localhost.pem"
@@ -408,7 +408,7 @@ cache_neg_max_ttl = 600
## Path to the query log file (absolute, or relative to the same directory as the config file)
## On non-Windows systems, can be /dev/stdout to log to the standard output (also set log_files_max_size to 0)
- # file = 'query.log'
+ # file = '/var/log/dnscrypt-proxy/query.log'
## Query log format (currently supported: tsv and ltsv)
@@ -434,7 +434,7 @@ cache_neg_max_ttl = 600
## Path to the query log file (absolute, or relative to the same directory as the config file)
- # file = 'nx.log'
+ # file = '/var/log/dnscrypt-proxy/nx.log'
## Query log format (currently supported: tsv and ltsv)
@@ -464,12 +464,12 @@ cache_neg_max_ttl = 600
## Path to the file of blocking rules (absolute, or relative to the same directory as the config file)
- # blacklist_file = 'blacklist.txt'
+ # blacklist_file = '/etc/dnscrypt-proxy/blacklist.txt'
## Optional path to a file logging blocked queries
- # log_file = 'blocked.log'
+ # log_file = '/var/log/dnscrypt-proxy/blocked.log'
## Optional log format: tsv or ltsv (default: tsv)
@@ -492,12 +492,12 @@ cache_neg_max_ttl = 600
## Path to the file of blocking rules (absolute, or relative to the same directory as the config file)
- # blacklist_file = 'ip-blacklist.txt'
+ # blacklist_file = '/etc/dnscrypt-proxy/ip-blacklist.txt'
## Optional path to a file logging blocked queries
- # log_file = 'ip-blocked.log'
+ # log_file = '/var/log/dnscrypt-proxy/ip-blocked.log'
## Optional log format: tsv or ltsv (default: tsv)
@@ -520,12 +520,12 @@ cache_neg_max_ttl = 600
## Path to the file of whitelisting rules (absolute, or relative to the same directory as the config file)
- # whitelist_file = 'whitelist.txt'
+ # whitelist_file = '/etc/dnscrypt-proxy/whitelist.txt'
## Optional path to a file logging whitelisted queries
- # log_file = 'whitelisted.log'
+ # log_file = '/var/log/dnscrypt-proxy/whitelisted.log'
## Optional log format: tsv or ltsv (default: tsv)
@@ -594,7 +594,7 @@ cache_neg_max_ttl = 600
[sources.'public-resolvers']
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
- cache_file = 'public-resolvers.md'
+ cache_file = '/var/cache/dnscrypt-proxy/public-resolvers.md'
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
prefix = ''
@@ -602,7 +602,7 @@ cache_neg_max_ttl = 600
[sources.'relays']
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/relays.md', 'https://download.dnscrypt.info/resolvers-list/v2/relays.md']
- cache_file = 'relays.md'
+ cache_file = '/var/cache/dnscrypt-proxy/relays.md'
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
refresh_delay = 72
prefix = ''
@@ -612,7 +612,7 @@ cache_neg_max_ttl = 600
# [sources.quad9-resolvers]
# urls = ['https://www.quad9.net/quad9-resolvers.md']
# minisign_key = 'RWQBphd2+f6eiAqBsvDZEBXBGHQBJfeG6G+wJPPKxCZMoEQYpmoysKUN'
- # cache_file = 'quad9-resolvers.md'
+ # cache_file = '/var/cache/dnscrypt-proxy/quad9-resolvers.md'
# prefix = 'quad9-'
## Another example source, with resolvers censoring some websites not appropriate for children
@@ -620,7 +620,7 @@ cache_neg_max_ttl = 600
# [sources.'parental-control']
# urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/parental-control.md', 'https://download.dnscrypt.info/resolvers-list/v2/parental-control.md']
- # cache_file = 'parental-control.md'
+ # cache_file = '/var/cache/dnscrypt-proxy/parental-control.md'
# minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'